This page lists publicly disclosed CVE vulnerabilities affecting dlink dir-816l_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-13191 | A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 7.4 | 0.07% | 2025-11-15 | 2025-11-19 |
| CVE-2025-13190 | A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The manipulation of the argument en results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 7.4 | 0.06% | 2025-11-15 | 2025-11-20 |
| CVE-2025-13189 | A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 7.4 | 0.07% | 2025-11-15 | 2025-11-20 |
| CVE-2025-13188 | A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 8.9 | 0.35% | 2025-11-14 | 2025-11-20 |
| CVE-2025-9727 | A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 2.1 | 0.39% | 2025-08-31 | 2026-04-29 |
| CVE-2025-7836 | A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of the file /htdocs/cgibin of the component Environment Variable Handler. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 2.1 | 2.25% | 2025-07-19 | 2026-04-29 |
| CVE-2025-46176 | Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis. | [email protected] | 6.5 | 0.38% | 2025-05-23 | 2025-06-03 |
| CVE-2022-28956 | An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. | [email protected] | 9.8 | 28.39% | 2022-05-18 | 2024-11-21 |
| CVE-2022-28955 | An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php. | [email protected] | 7.5 | 92.06% | 2022-05-18 | 2024-11-21 |
| CVE-2020-25786 | webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header | [email protected] | 6.1 | 0.68% | 2020-09-19 | 2024-11-21 |
| CVE-2020-15895 | An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the webpage. | [email protected] | 6.1 | 13.73% | 2020-07-22 | 2024-11-21 |
| CVE-2020-15894 | An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utilized by an attacker to retrieve various sensitive information, such as admin login credentials, by setting the value of _POST_SERVICES in the query string to DEVICE.ACCOUNT. | [email protected] | 7.5 | 1.27% | 2020-07-22 | 2024-11-21 |
| CVE-2020-15893 | An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. | [email protected] | 9.8 | 82.54% | 2020-07-22 | 2024-11-21 |
| CVE-2019-7642 | D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). | [email protected] | 7.5 | 10.87% | 2019-03-25 | 2024-11-21 |
| CVE-2015-5999 | Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi. | [email protected] | 6.8 | 14.38% | 2015-11-18 | 2026-05-06 |